Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/3BZN-fpsP5JekjYnDrcLIwcTths.roa
File: 3BZN-fpsP5JekjYnDrcLIwcTths.roa (raw, json)
Hash identifier: 4sbDWCHqQpfPOZPc/fz4QwAtbMwVL2D5czTMBWY2vH4=
Subject key identifier: DC:16:4D:F9:FA:6C:3F:92:5E:92:36:27:0E:B7:0B:23:07:13:B6:1B
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 0130
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3BZN-fpsP5JekjYnDrcLIwcTths.roa
Signing time: Wed 13 Mar 2024 23:55:03 +0000
ROA not before: Wed 13 Mar 2024 23:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 03:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304 (0x130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 13 23:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=DC164DF9FA6C3F925E9236270EB70B230713B61B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e7:1a:c6:db:a1:37:59:78:48:7d:cb:b1:7e:
28:e5:b8:7d:bd:05:17:f0:85:20:62:e7:18:eb:82:
35:8a:e0:71:39:89:87:1a:91:dc:16:c3:11:eb:dc:
a3:1d:ce:b6:86:d9:08:a8:7e:e7:72:9e:7a:eb:30:
40:78:7d:a3:95:8c:a3:09:9c:1c:8d:24:9d:a4:41:
d2:ab:aa:86:cd:50:73:73:1d:5e:15:58:3f:38:ad:
79:54:3e:72:33:86:fe:03:af:15:e0:1d:9c:e9:02:
e1:d4:e6:65:cb:f3:3b:6a:e6:cd:41:65:fd:5a:4c:
9e:16:04:a2:62:64:de:ef:0c:4f:40:6c:4e:5f:89:
c7:db:01:22:66:f5:2c:2b:29:d3:31:43:71:bc:4d:
11:e9:4d:d1:cb:a1:71:af:b8:11:0a:da:24:79:9b:
63:e1:11:0b:65:61:4c:90:ce:da:b5:67:3e:35:ad:
e4:bb:75:d3:64:07:2d:28:c7:a3:56:f1:32:73:a0:
21:b0:34:20:a5:35:4c:8a:c2:29:78:b5:1f:f8:8f:
91:0e:44:11:cd:ed:56:4a:73:48:b0:73:b3:84:de:
c1:ce:c6:73:b6:06:c6:66:00:bc:08:3e:b0:d3:d7:
8a:b0:aa:60:78:25:e2:bc:bd:06:79:60:12:28:e8:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:16:4D:F9:FA:6C:3F:92:5E:92:36:27:0E:B7:0B:23:07:13:B6:1B
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/3BZN-fpsP5JekjYnDrcLIwcTths.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:df:51:6a:b1:03:e1:c0:54:78:e9:3d:3e:a7:10:85:07:43:
2b:6c:ca:11:c3:28:b9:83:0e:1a:49:d8:72:58:8f:cd:33:30:
d0:da:40:cd:8f:d2:80:b2:6f:47:87:fd:77:33:08:2e:b7:49:
4a:ca:77:27:fb:46:9e:14:d9:1b:3e:83:e6:e7:83:94:c9:f6:
8d:15:67:50:f8:f4:56:ca:75:f3:60:7e:f4:ef:d4:38:03:59:
33:1d:c6:c2:1f:fa:74:98:bf:0d:51:0c:e6:ef:1d:5d:23:c4:
39:59:2e:bd:ef:20:60:7f:81:77:97:7f:0e:61:3e:fb:18:a6:
f2:0f:62:8b:c5:9a:de:18:d4:b8:22:6a:77:45:eb:29:a3:1e:
cb:0d:76:2a:6f:d3:89:e1:45:c8:c5:0a:a5:cb:5c:ee:1a:71:
f7:0a:88:d0:6e:05:40:ce:be:3d:78:77:71:df:3f:c2:e5:62:
cd:ab:f5:1c:d8:6b:f4:97:df:e6:d0:83:17:5d:49:4d:62:9a:
a7:ed:fc:32:97:eb:37:27:4b:57:c2:53:41:b6:71:31:8b:b5:
5f:83:23:63:08:12:3a:b3:4f:c1:3a:c7:07:5b:0b:0e:9e:27:
77:4b:b6:4d:99:0e:a1:fb:c7:4e:41:f1:80:9e:f5:13:9e:b6:
79:a5:b0:b5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMTMy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKERDMTY0REY5RkE2QzNG
OTI1RTkyMzYyNzBFQjcwQjIzMDcxM0I2MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK5xrG26E3WXhIfcuxfijluH29BRfwhSBi5xjrgjWK4HE5iYca
kdwWwxHr3KMdzraG2QiofudynnrrMEB4faOVjKMJnByNJJ2kQdKrqobNUHNzHV4V
WD84rXlUPnIzhv4DrxXgHZzpAuHU5mXL8ztq5s1BZf1aTJ4WBKJiZN7vDE9AbE5f
icfbASJm9SwrKdMxQ3G8TRHpTdHLoXGvuBEK2iR5m2PhEQtlYUyQztq1Zz41reS7
ddNkBy0ox6NW8TJzoCGwNCClNUyKwil4tR/4j5EORBHN7VZKc0iwc7OE3sHOxnO2
BsZmALwIPrDT14qwqmB4JeK8vQZ5YBIo6P1HAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU3BZN+fpsP5JekjYnDrcLIwcTthswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzNCWk4tZnBzUDVKZWtq
WW5EcmNMSXdjVHRocy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAI/fUWqxA+HAVHjpPT6nEIUHQytsyhHDKLmD
DhpJ2HJYj80zMNDaQM2P0oCyb0eH/XczCC63SUrKdyf7Rp4U2Rs+g+bng5TJ9o0V
Z1D49FbKdfNgfvTv1DgDWTMdxsIf+nSYvw1RDObvHV0jxDlZLr3vIGB/gXeXfw5h
PvsYpvIPYovFmt4Y1LgiandF6ymjHssNdipv04nhRcjFCqXLXO4acfcKiNBuBUDO
vj14d3HfP8LlYs2r9RzYa/SX3+bQgxddSU1imqft/DKX6zcnS1fCU0G2cTGLtV+D
I2MIEjqzT8E6xwdbCw6eJ3dLtk2ZDqH7x05B8YCe9ROetnmlsLU=
-----END CERTIFICATE-----
Generated at Thu Mar 14 05:21:51 2024 by rpki-client on console-ams.rpki-client.org